Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Vista
BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Unauthorized access in Web Wiz Forum Nov 02 2003 09:49AM
Alexander Antipov (pk95 yandex ru)
Unauthorized access in Web Wiz Forum

A vulnerability has found in Web Wiz Forum (6.34, 7.01, 7.5). Remote user
(authenticated or not) can read message in private forum. Remote user can
post message in private forum.

Software does not compare message to forum, when "quote" mode is used. In
result,...

[ more ]  




 

Privacy Statement
Copyright 2008, SecurityFocus